BadgeChain Newsletter #16 – Blockchain and The Right to Be Forgotten

January 4th, 2018 | Kerri Lemoie

In April 2016 the European Parliament passed the General Data Protection Act (GDPR). As part of the regulation, the right to be forgotten article stipulates that EU citizens have the right to request that companies (data controllers) erase their personal data when data is considered inaccurate, inadequate, irrelevant or excessive. Data controllers have one month to erase the data and provide proof that the data has been removed. Substantial fines for every occurrence of breach will be as much as €20 M or 4% of global revenue (whichever is higher). It applies to companies in the EU as well as organizations outside the EU offering services to European citizens. This May, the regulation will be enforceable.

Traditional applications store data on databases that they own or control. In those cases, it is a relatively clear-cut task to delete the data. Many applications even already have databases located globally where they can make allowances for GDPR. But applications built on blockchains or using blockchain databases as part of their stack have unique considerations since these technologies have inherent functionalities that make compliance far more challenging: permanence and immutability.

Once a transaction occurs on blockchain, it is there for the life of the blockchain. At the core of the technology is cryptography and the use of public and private keys. If the private key is lost or destroyed, the data is no longer accessible. In that case, if the person who is the subject of the data is the only one who has access to the private key, then that person has complete sovereignty over that data but what if the possession of the key changes or the key has been shared? It doesn’t seem to be nearly enough assurance.

Some efforts are being made toward this. BCDiploma, which stores degrees using Ethereum, proposes a system called EvidenZ that uses a set of three keys which must all exist to read the data. If one of the keys is destroyed, the data is no longer accessible. BigchainDB is exploring functionality that has time limits for access to data.  Still, as with anything blockchain related, it is early. Surely we will see continued innovation in this space quickly. Companies and organizations considering blockchain technologies as part of their stack should be considering the GDPR implications carefully not only because of the massive fines but also because data privacy is a fundamental human right.

~ ~ ~

Here are the links that inspired and informed this newsletter. We recommend them to you as interesting data points in your consideration of decentralized technologies, blockchain, and its impacts on society.

Badgechain newsletter #15 – Cryptocurrency: unchecked, unregulated, un-understood

November 9th, 2017 | Carla Casilli

$7000. Bitcoin. Unprecedented. Unparalleled. Unimaginable. Fascinatingly, or perhaps terrifyingly, software professionals are not merely shaking their head at this valuation but at the construct of cryptocurrency itself.

I turned to Twitter to get a read on this recent development and it did not disappoint. @helenhousandi tweeted, “Kinda blows my mind that people who work on software and know it’s basically all duct taped together are willing to have software currency.”

Hooo boy, now that’s a conversation starter, right?

@BillStewart5 responded, “Most of the new software currencies are intended for sale to people who don’t understand that.” So, professional software folks believe that stooges are the primary cryptocurrency audience? Not a ringing endorsement. Still, @Rabbyte pushes back on this overwhelmingly pessimistic view with two tweets that reframe what cryptocurrency might be, “I don’t consider it currency anymore than I consider a webpage to be paper. 💁💸” She follows that up with, “it’s a metaphor that builds a sandbox for solving security issues to get to the next thing.” This seems like both logical and plausible reasoning. Maybe we’re just too locked into the idea of currency as something we know and understand. And yet…

There are legitimate big picture concerns: our current financial system relies on a strong but not always obvious social contract. @floatingatoll warns, “Not one I know pays taxes on the income earned, and they laugh at my concern that tax-dodging isn’t really a solid long-term plan.” And listen to @rnewman’s cryptocurrency issue, “I recently turned down a job in part because the implications of cryptocurrency comp (!) weren’t well thought through. #whatafuture”

This sort of conversation—where professionals who build software openly comment on the dependability of a world where software is currency—isn’t really happening anywhere in long form journalism, at least not with anywhere near the bite that it’s happening on Twitter. And it’s not just tech-savvy folks, but folks interested in the structure of our society. We have a long way to go if this is to be our future.

On the plus side, people are trying to make cryptocurrencies work. On the minus side, those cryptocurrencies appear to be drunkenly wandering back and forth across the line of sheer madness and dependable, social usefulness. So, while their valuations may be going through the roof, chances are folks are gonna feel perfectly fine when the sheer madness valuation bubble finally bursts. @evansolomon’s destabilizing warning, “The software is probably the least insane part of crypto” dovetails beautifully with @ipstenu’s, “Unchecked, unregulated, un-understood. That’s our universe!”

Maybe the software builders know a thing or two.

~ ~ ~

Here are the Twitter links that inspired and informed this newsletter. We recommend them to you as interesting data points in your consideration of decentralized technologies, blockchain, and its impacts on finance and society.